var i_com;
var ALGO_DES = 1;
var ALGO_3DES = 26115;
var ALGO_RC4 = 26625;
var ALGO_CDEA = 3;
var ALGO_SSF33 = 4;
var ALGO_RSA = 100;
var ALGO_ECC = 101;
var ALGO_SHA1 = 32772;
var ALGO_MD5 = 32771;
var LBLTYPE_CERT = 1;
var LBLTYPE_KEY = 2;
var LBLTYPE_OTHER = 3;
var MODE_RD = 0;
var MODE_WR = 1;
var MODE_RW = 2;
var LBL_DISAID = "LAB_DISAID"; // 存放keynetid
var LBL_DISAID0 = "LAB_DISAID0"; //
var LBL_TRUSTSTR0 = "LAB_TRUSTSTR0";// 信任服务号1
var LBL_TRUSTSTR1 = "LAB_TRUSTSTR1";// 信任服务号2
// var LBL_OPERATORID="operatorType";
var LBL_OPERATORID = "LAB_OPERATORID";
var LBL_USERID = "LAB_USERID";
var LBL_RA_COMM_CERT = "LBL_CERT";
var LBL_SIP_INFO = "LAB_SIP_INFO";
var LBL_RA_SERV_CERT = "RA_SERV_CERT";
var LBL_RA_SERV_CERT_SIG = "RA_SERV_CERT_SIG";
var LBL_RA_SERV_CERT_ENC = "RA_SERV_CERT_ENC";
var LBL_CACERT = "CA_CERT";
var LBL_ROOTCACERT = "ROOTCA_CERT";
var LBL_USERCERT = "LAB_USERCERT";
var LBL_USERCERT_SIG = "LAB_USERCERT_SIG";
var LBL_USERCERT_TEMP = "LAB_USERCERT_TEMP";
var LBL_USERCERT_ENC = "LAB_USERCERT_ENC";
var LBL_USERCERT_SIG_SN = "LAB_USERCERT_SIG_SN";
var LBL_USERCERT_ENC_SN = "LAB_USERCERT_ENC_SN";
var LBL_USERCERT_ENC_BAK = "LAB_USERCERT_ENC_BAK";
var LBL_USERCERT_SIG_BAK = "LAB_USERCERT_SIG_BAK";
var LBL_MANAGER_CERT = "manager";
var LBL_KEYKEEPER_CERT = "keykeeper";
var LBL_DEVICE_CERT = "SingleCert";
var LBL_MANAGER_KEY = "manager";
var LBL_KEYKEEPER_KEY = "keykeeper";
var LBL_DEVICE_KEY = "SingleCertKey";
var LBL_TRUST = "root.cer";
var LBL_CRL = "Crl.crl";
var LBL_CERT_CHAIN = "CertChain.cer";
var LBL_KEY = "LAB_KEY";
var LBL_PINID = "LAB_PINID";
var LBL_PINKEY = "LAB_PINKEY";
var LBL_KEYHASH = "LAB_KEYHASH";
var LBL_ROOTID = "LAB_ROOTID";
var LBL_SUPER_PIN = "123456";
var LBL_INIT_PIN = "123456";
var LBL_FACTORY_USER_PIN = "123456";
var LBL_PRIV_KEY_PIN = "";
var LBL_KEY_PASSWD = "KEY_PASSWD";
var LBL_TEMP = "LAB_TEMP";
var LBL_TEMP_PUB = "LAB_TEMP_PUB";
var LBL_OTHER = "LAB_OTHER";
var PIN_LENGTH = 6;
var PASSWD_LENGTH = 6;
var TMP_KEY = "1234567890123456";
var keySet = [10, 11, 12, 20, 21, 30, 31];
var OldkeySet = [2, 3];
var GDCA_GET_CERT_INFO = 1;
var GDCA_GET_CERT_VERSION = 2;
var GDCA_GET_CERT_SERIAL = 3;
var GDCA_GET_CERT_SIGNATURE_ALGO = 4;
var GDCA_GET_CERT_ISSUER = 5;
var GDCA_GET_CERT_VALID_TIME = 6;
var GDCA_GET_CERT_SUBJECT = 7;
var GDCA_GET_CERT_PUBLIC_KEY = 8;
var GDCA_GET_CERT_EXTENSIONS = 9;

function isKey(i_com) {
	var cert_type = parent.parent.parent.parent.frames("CAActiveX").cert_type.value;
	var key_type = i_com.GDCA_GetDevicType();
	if (parseInt(key_type) == OldkeySet[0]) {
		alert("本RA不支持维豪的老KEY");
		return 0;
	}
	if (parseInt(key_type) == -2) {
		alert("注册表错误");
		return 0;
	}
	if (parseInt(key_type) == -1) {
		alert("未插KEY");
		return 0;
	}
	if (parseInt(key_type) == -3) {
		alert("USB有其他设备");
		return 0;
	}
	if (parseInt(key_type) == OldkeySet[1] || cert_type == 1) {
		parent.parent.parent.parent.frames("CAActiveX").cert_type.value = 1;
		return 1;
	}
	for (var keyNum = 0; keyNum < keySet.length; keyNum++) {
		if (parseInt(key_type) == keySet[keyNum]) {
			parent.parent.parent.parent.frames("CAActiveX").cert_type.value = 2;
			return keySet[keyNum];
		}
	}
	alert("目前不支持的USB设备，keyType=" + key_type);
	alert("需要接入该USB设备，请于CA系统管理人员联系!");
	return 0;
}

function isSGKey(i_com) {
	var key_type = i_com.GDCA_GetDevicType();

	if (parseInt(key_type) == -2) {
		alert("注册表错误");
		return 0;
	}
	if (parseInt(key_type) == -1) {
		alert("未插KEY");
		return 0;
	}
	if (parseInt(key_type) == -3) {
		alert("USB有其他设备");
		return 0;
	}

	return key_type;
}
/*
 * function isSGKey(i_com) { var cert_type = 2; var key_type =
 * i_com.GDCA_GetDevicType(); if(parseInt(key_type) == OldkeySet[0]) {
 * alert("本RA不支持维豪的老KEY"); return 0; } if(parseInt(key_type) == -2) {
 * alert("注册表错误"); return 0; } if(parseInt(key_type) == -1) { alert("未插KEY");
 * return 0; } if(parseInt(key_type) == -3) { alert("USB有其他设备"); return 0; }
 * if(parseInt(key_type) == OldkeySet[1] || cert_type == 1) { return 1; }
 * for(var keyNum=0;keyNum<keySet.length;keyNum++) { if (parseInt(key_type) ==
 * keySet[keyNum]) {
 * 
 * return keySet[keyNum]; } } alert("目前不支持的USB设备，keyType="+key_type);
 * alert("需要接入该USB设备，请于CA系统管理人员联系!"); return 0; }
 */

function CommInit(i_com) {
	var ret = i_com.OpkiInit();
	if (ret != 0) {
		alert("pkiInit error:" + ret);
		return ret;
	}
	return 0;
}
function CommEnd(i_com) {
	var ret = i_com.OpkiEnd();
	if (ret != 0) {
		alert("OpkiEnd error:" + ret);
		return ret;
	}
	return 0;
}
function Operator_Login(i_com, forms) {
	var rt = -1;
	var PIN;
	var o_data = new Array;
	PIN = forms.textfield.value;
	if (PIN.length == 0) {
		alert("请输入PIN码");
		forms.textfield.focus();
		return -1;
	}
	rt = CommInit(i_com);
	if (rt != 0)
		return rt;
	rt = LoginDisa(i_com, PIN);
	if (rt != 0) {
		return -1;
	}
	rt = ReadLabel(i_com, LBL_OPERATORID, LBLTYPE_OTHER, o_data)
	if (rt != 0) {
		alert("读取OPERATOR_ID标签失败！");
		return -1;
	}
	rt = Base64Decode(i_com, o_data[0], o_data);
	if (rt != 0)
		return;
	forms.operator_id.value = o_data[0];
	CommEnd(i_com);
	return 0;
}
function LoginDisa(i_com, PIN) {
	var ret;
	rt = CommInit(i_com);
	if (rt != 0)
		return rt;
	if (!i_com.IsLogin(1)) {
		ret = i_com.OpkiLogin(1, PIN);
		if (ret != 0) {
			alert("登录实体鉴别器失败，有可能这个实体鉴别器是空白的或者是输入的原pin码错误。请重试!" + ret);
			LogOut(i_com);
			return ret;
		} else {
		}
	}
	CommEnd(i_com);
	return 0;
}
function ModifyPIN(i_com, newPIN) {
	var ret;
	rt = CommInit(i_com);
	if (rt != 0)
		return rt;
	ret = i_com.OpkiSetPin(1, newPIN);
	if (ret != 0) {
		alert("ModifyPIN failed" + ret);
		LogOut(i_com);
		return ret;
	}
	CommEnd(i_com);
	return 0;
}
function ModifyPIN01(i_com, oldPIN, newPIN) {
	var rt;
	rt = CommInit(i_com);
	if (rt != 0)
		return rt;
	rt = i_com.OpkiLogin(1, oldPIN);
	if (rt != 0) {
		alert("原PIN码输入错误: " + rt);
		LogOut(i_com);
		return rt;
	}
	rt = i_com.OpkiChangePrivkeyPasswd("LAB_USERCERT_SIG", oldPIN, newPIN);
	if (rt != 0) {
		alert("修改PIN码错误:" + rt);
		LogOut(i_com);
		return rt;
	}
	rt = i_com.OpkiLogin(1, newPIN);
	if (rt != 0) {
		alert("新PIN码登陆有误: " + rt);
		LogOut(i_com);
		return rt;
	}
	rt = i_com.OpkiCheckPrivKey("LAB_USERCERT_ENC", newPIN);
	if (rt != 0) {
		alert("标签与口令不匹配:" + rt);
		LogOut(i_com);
		return rt;
	}
	CommEnd(i_com);
	return 0;
}
function LogOut(i_com) {
	var ret;
	ret = i_com.OpkiLogout();
	if (ret != 0) {
		alert("PKI控件退出失败");
		return ret;
	}
	return 0;
}
function formatKey(i_com, PIN) {
	var ret;
	ret = i_com.OpkiReadLabel("LAB_OPERATORID", 3);
	if (ret == 0) {
		alert("这是一个操作员的Key，不能格式化！");
		return;
	}
	ret = i_com.OpkiReadLabel("LAB_USERCERT_SIG", 1);
	if (ret == 0) {
		alert("硬件介质中有用户证书！");
		if (!confirm("您确定要格式化这个硬件介质吗？")) {
			return;
		}
	}
	ret = i_com.OpkiFormat(PIN);
	if (ret != 0) {
		alert("实体鉴别器格式化失败,请检查实体鉴别器是否插好！");
		LogOut(i_com);
		return ret;
	}
	return 0;
}
function unlockKey(i_com, pin) {
	ret = i_com.OpkiUnlock("123456");
	if (ret != 0) {
		alert("解锁失败: " + ret);
	}
	ret = i_com.OpkiSetPin(1, pin);
	i_com.OpkiEnd();
	return ret;
}
function WriteLabel(i_com, i_label, i_type, i_mode, i_data) {
	var ret = 0;
	ret = CommInit(i_com);
	if (ret != 0) {
		return ret;
	}
	ret = i_com.OpkiWriteLabel(i_label, i_type, i_mode, i_data);
	if (ret != 0) {
		alert("pkiWriteLabel error:" + ret);
		LogOut(i_com);
		return ret;
	}
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function ReadLabel(i_com, i_label, i_type, o_data) {
	var ret = 0;
	var out_data = new Array;

	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.OpkiReadLabel(i_label, i_type);
	if (ret != 0) {
		if (i_label == "LAB_TEMP_PUB" && i_type == 2) {
			// alert("开始生成临时密钥对");
			ret = GetCryptKeyPairDer(i_com, LBL_TEMP, "123456", out_data);
			if (ret != 0)
				return ret;
			o_data[0] = out_data[0];

			// alert("写临时公钥");
			ret = WriteLabel(i_com, LBL_TEMP_PUB, LBLTYPE_KEY, MODE_RW, out_data[0]);
			if (ret != 0)
				return ret;
			// alert("临时加密公钥="+out_data[0]);
			// alert("临时加密公钥产生成功");
			return 0;
		} else {
			LogOut(i_com);
			return ret;
		}
	}
	o_data[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function GetSignKeyPairDer(i_com, i_label, i_passwd, o_Key) {
	var ret = 0;
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.OpkiGenRsaKeyInDevice(i_label, i_passwd, 1024);
	if (ret != 0) {
		alert("pkiGetRsaKeyPairDer error:" + ret);
		LogOut(i_com);
		return ret;
	}
	o_Key[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function GetCryptKeyPairDer(i_com, i_label, i_passwd, o_Key) {
	var ret = 0;
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.OpkiGenRsaExKeyInDevice(i_label, i_passwd, 1024);
	if (ret != 0) {
		alert("pkiGetRsaKeyPairDer error:" + ret);
		LogOut(i_com);
		return ret;
	}
	o_Key[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function GenCertRequest(i_com, i_dn_c, i_dn_s, i_dn_l, i_dn_o, i_dn_ou,
		i_dn_cn0, i_dn_cn1, i_dn_cn2, i_dn_E, i_keySize, i_keyPwd, i_algo,
		i_KeyLbl, o_certReq) {
	var ret = "";
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.OpkiGenCertRequest(i_dn_c, i_dn_s, i_dn_l, i_dn_o, i_dn_ou,
			i_dn_cn0, "", "", i_keySize, i_keyPwd, i_algo, i_KeyLbl);
	if (ret != 0) {
		alert("pkiGenCertRequest error!" + ret);
		LogOut(i_com);
		return ret;
	}
	o_certReq[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function Base64Encode(i_com, i_data, o_data) {
	var ret = 0;
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.OpkiBase64Encode(i_data);
	if (ret != 0) {
		alert("PkiBase64Encode error:" + ret);
		LogOut(i_com);
		return ret;
	}
	o_data[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function Base64Decode(i_com, i_data, o_data) {
	var ret = 0;
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.OpkiBase64Decode(i_data);
	if (ret != 0) {
		alert("PkiBase64Encode error:" + ret);
		return ret;
	}
	o_data[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function SymmEncrypt(i_com, i_symmAlgo, i_symmKey, i_data, o_data) {
	var ret = 0;
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.OpkiSymmCryptData(1, i_symmAlgo, i_symmKey, i_data);
	if (ret != 0) {
		alert("SymmEncrypt error:" + ret);
		return ret;
	}
	o_data[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function SymmCrypt(i_com, i_symmAlgo, i_symmKey, i_data, o_data) {
	var ret = 0;
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.OpkiSymmCryptData(0, i_symmAlgo, i_symmKey, i_data);
	if (ret != 0) {
		alert("SymmCrypt error:" + ret);
		return ret;
	}
	o_data[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function PubKeyCrypt(i_com, i_pubKey, i_Data, o_encData) {
	var ret = 0;
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.OpkiPubKeyEncrypt(i_pubKey, i_Data);
	if (ret != 0) {
		alert("OpkiPubKeyEncrypt error:" + ret);
		return ret;
	}
	o_encData[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function PrivKeyDecrypt(i_com, i_label, i_passwd, i_encData, o_cryData) {
	var ret = 0;
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.OpkiPrivKeyDecrypt(i_label, i_passwd, i_encData);
	if (ret != 0) {
		alert("OpkiPrivKeyDecrypt error:" + ret);
		return ret;
	}
	o_cryData[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function Hash(i_com, i_alog, i_data, o_data) {
	var ret = 0;
	var algo = 32772;
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.OpkiHashData(i_alog, i_data);
	if (ret != 0) {
		alert("pkiHashData error:" + ret);
		return ret;
	}
	o_data[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function ReadFile(i_com, i_fileName, o_Data) {
	var ret = 0;
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.ReadFile(0, 1, i_fileName);
	if (ret != 0) {
		alert("ReadFile error:" + ret);
		return ret;
	}
	o_Data[0] = i_com.outData;
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function WriteFile(i_com, i_fileName, i_data) {
	var ret = 0;
	ret = CommInit(i_com);
	if (ret != 0)
		return ret;
	ret = i_com.WriteFile(i_fileName, 1, i_data);
	if (ret != 0) {
		alert("WriteFile error:" + ret);
		return ret;
	}
	ret = CommEnd(i_com);
	if (ret != 0)
		return ret;
	return 0;
}
function CertDownLoadWrite(i_com, i_isBack, i_oldUserPin, i_newUserPin,
		i_oldPrvKeyPasswd, i_newPrvKeyPasswd, i_certtype, i_signCert,
		i_signCert_sn, i_encCert, i_encCert_sn, i_encKey, i_encKeyHash, i_symKey,
		i_userid, i_ca_cert) {
	var rt = 0;
	var out_data = new Array;
	rt = LoginDisa(i_com, i_oldUserPin);
	if (rt != 0) {
		CommEnd(i_com);
		return rt;
	}
	if ((i_isBack != "N") && (i_isBack != "n")) {
		if (i_certtype == "CT02") {
			i_com.OpkiDeleteLabel(LBL_USERCERT_ENC, LBLTYPE_CERT);
			i_com.OpkiDeleteLabel(LBL_USERCERT_ENC, LBLTYPE_KEY);
			i_com.OpkiDeleteLabel(LBL_USERCERT_SIG, LBLTYPE_CERT);
			i_com.OpkiDeleteLabel(LBL_USERCERT_SIG_SN, LBLTYPE_OTHER);
			i_com.OpkiDeleteLabel(LBL_USERCERT_ENC_SN, LBLTYPE_OTHER);
		} else if (i_certtype == "CT01") {
			i_com.OpkiDeleteLabel(LBL_USERCERT_SIG, LBLTYPE_CERT);
			i_com.OpkiDeleteLabel(LBL_USERCERT_SIG_SN, LBLTYPE_OTHER);
		}
	}
	var PrivateKeyPlain;
	if (i_encKey != "") {
		if (i_symKey != "") {
			rt = PrivKeyDecrypt(i_com, LBL_TEMP, "123456", i_symKey, out_data)
			if (rt != 0) {
				alert("解密后的对称密钥出错");
				return rt;
			}
			var symKey_encode = out_data[0];
			rt = Base64Decode(i_com, symKey_encode, out_data);
			if (rt != 0) {
				alert("编码对称密钥失败 ret=" + rt);
				return rt;
			}
			var symKey_plain = out_data[0];
			rt = SymmCrypt(i_com, ALGO_3DES, symKey_encode, i_encKey, out_data);
			if (rt != 0) {
				alert("解密私钥失败！" + rt);
				return rt;
			}
			PrivateKeyPlain = out_data[0];
		} else {
			PrivateKeyPlain = i_encKey;
		}
		var PrivateKeyPlainLen = PrivateKeyPlain.length;
		rt = Hash(i_com, ALGO_SHA1, PrivateKeyPlain, out_data)
		if (rt != 0) {
			alert("私钥hash value 失败");
			return rt;
		}
		var prv_key_hash = out_data[0];
		if (prv_key_hash != i_encKeyHash) {
			alert("比较私钥hash 失败!");
			return -1;
		}
		rt = i_com.OpkiUpdatePrivKey(1, LBL_USERCERT_ENC, i_oldPrvKeyPasswd,
				PrivateKeyPlain);
		if (rt != 0) {
			alert("写私钥失败");
			return;
		}
	}
	if (i_signCert.length == 0 || i_signCert == "") {
		alert("签名证书为空，数据不全，不能正常下载！");
		return -100;
	}
	rt = WriteLabel(i_com, LBL_USERCERT_SIG, LBLTYPE_CERT, MODE_RW, i_signCert);
	if (rt != 0) {
		alert("写签名证书失败");
		return rt;
	}
	rt = Base64Encode(i_com, i_signCert_sn, out_data);
	if (rt != 0) {
		return rt;
	}
	rt = WriteLabel(i_com, LBL_USERCERT_SIG_SN, LBLTYPE_OTHER, MODE_RW,
			out_data[0]);
	if (rt != 0) {
		alert("写签名证书序列号失败");
		return rt;
	}
	if (i_certtype == "CT02") {
		if (i_encCert.length == 0 || i_encCert == "") {
			alert("加密证书为空，数据不全，不能正常下载！");
			return -101;
		}
		rt = WriteLabel(i_com, LBL_USERCERT_ENC, LBLTYPE_CERT, MODE_RW, i_encCert);
		if (rt != 0) {
			alert("写加密证书失败");
			return rt;
		}
		rt = Base64Encode(i_com, i_encCert_sn, out_data);
		if (rt != 0) {
			return rt;
		}
		rt = WriteLabel(i_com, LBL_USERCERT_ENC_SN, LBLTYPE_OTHER, MODE_RW,
				out_data[0]);
		if (rt != 0) {
			alert("写加密证书失败");
			return rt;
		}
	}
	if ((i_isBack == "N")) {
		rt = WriteLabel(i_com, LBL_CACERT, LBLTYPE_CERT, MODE_RW, i_ca_cert);
		if (rt != 0) {
			alert("写CA根证书失败！");
			LogOut(i_com);
			return rt;
		}
		rt = WriteLabel(i_com, LBL_USERID, LBLTYPE_OTHER, MODE_RW, i_userid);
		if (rt != 0) {
			alert("写用户编号失败！");
			LogOut(i_com);
			return rt;
		}
	}
	rt = i_com.OpkiChangePrivkeyPasswd("LAB_USERCERT_SIG", i_oldPrvKeyPasswd,
			i_newUserPin);
	if (rt != 0) {
		alert("OpkiChangePrivKey Err:" + rt);
		LogOut(i_com);
		return rt;
	}
	rt = i_com.OpkiLogin(1, i_newUserPin);
	if (rt != 0) {
		alert("NewKey Login Error. Err: " + rt);
		LogOut(i_com);
		return rt;
	}
	rt = i_com.OpkiCheckPrivKey("LAB_USERCERT_ENC", i_newUserPin);
	if (rt != 0) {
		alert("OpkiCheckPrivKey LAB_USERCERT_ENC Err:" + rt);
		LogOut(i_com);
		return rt;
	}
	LogOut(i_com);
	CommEnd(i_com);
	return 0;
}
function FormatRAEKey(PkiCom3, crypPubKey) {
	var ret = -1;
	var out_data = new Array;
	ret = CommInit(PkiCom3);
	if (ret != 0)
		return ret;
	ret = GetSignKeyPairDer(PkiCom3, LBL_USERCERT_SIG, "123456", out_data);
	if (ret != 0)
		return ret;
	ret = GetCryptKeyPairDer(PkiCom3, LBL_TEMP, "123456", out_data);
	if (ret != 0)
		return;
	crypPubKey[0] = out_data[0];
	ret = WriteLabel(PkiCom3, LBL_TEMP_PUB, LBLTYPE_KEY, MODE_RW, out_data[0]);
	if (ret != 0)
		return;
	CommEnd(PkiCom3);
	return 0;
}
function AcceptCreatSignKey(PkiCom3, userType) {
	var ret = -1;
	var out_data = new Array;
	var pubKeyEcd;
	var prvKeyEcd;
	var prvKeyPlain;
	if (userType == "") {
		return -1;
	}
	if (userType == "UT03") {
		ret = PkiCom3.OpkiGetRsaKeyPairDer(1024);
		if (ret != 0) {
			alert("生成签名密钥对失败:" + ret);
			LogOut(PkiCom3);
			return ret;
		}
		pubKeyEcd = PkiCom3.outData;
		prvKeyEcd = PkiCom3.outData0;
		ret = PkiCom3.OpkiUpdatePrivKey(0, LBL_USERCERT_SIG, "123456", prvKeyEcd);
		if (ret != 0) {
			alert("写签名私钥失败" + ret);
			return ret;
		}
		prvKeyPlain = prvKeyEcd;
		ret = WriteLabel(PkiCom3, LBL_USERCERT_TEMP, LBLTYPE_OTHER, MODE_RW,
				prvKeyPlain);
		if (ret != 0)
			return ret;
	} else {
	}
	return 0;
}
var GDCA_LBL_CONFIG = 1;
var GDCA_LBL_DATA = 2;
var GDCA_LBL_EXDATA = 3;
var GDCA_LBL_SIGNKEY = 4;
var GDCA_LBL_ENCKEY = 5;
var GDCA_LBL_SIGNCERT = 7;
var GDCA_LBL_ENCCERT = 8;
var GDCA_LBL_CACERT = 9;
var GDCA_LBLMODE_RD = 1;
var GDCA_LBLMODE_WR = 2;
var GDCA_LBLMODE_RW = 3;
function GDCASetDevice(i_Com, deviceType) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_SetDeviceType(deviceType);
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCAInitialize(i_Com) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_Initialize();
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCAFinalize(i_Com) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_Finalize();
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCALogin(i_Com, usrtype, usrpin) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_Login(usrtype, usrpin);
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCALogout(i_Com) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_Logout();
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCAFormatDevice(i_Com, suppin, usrpin) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_FormatDevice(suppin, usrpin);
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCAGenKeyPair(i_Com, labelName, keyType) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_GenRsaKeyPair(labelName, keyType);
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCAGetPubKey(i_Com, keyLabel, labelType, outData) {
	var pubkey = "";
	// pubkey = i_Com.GDCA_OpkiGetPubLicKey(keyLabel,labelType);
	pubkey = i_Com.GDCA_GetPubLicKey(keyLabel, labelType);

	errorCode = i_Com.GetError();
	outData[0] = pubkey;
	return errorCode;
}

function GDCAFormatRAEKey(i_Com) {
	var rtn, errorCode;
	rtn = GDCAGenKeyPair(i_Com, LBL_USERCERT_SIG, GDCA_LBL_SIGNKEY);
	if (rtn != 0) {
		alert("生成签名密钥对出错：" + rtn);
		return rtn;
	}
	/*
	 * rtn = GDCAGenKeyPair(i_Com,LBL_TEMP,GDCA_LBL_ENCKEY); if(rtn != 0) {
	 * alert("生成临时密钥对出错："+rtn); return rtn; }
	 */
	return rtn;
}

function GDCACommonInitKey(i_Com, key_type, user_type, userpasswd) {
	var ret;
	ret = GDCASetDevice(i_Com, key_type);
	if (ret != 0) {
		alert("设置设备类型出错：" + ret);
		return ret;
	}
	ret = GDCAInitialize(i_Com);
	if (ret != 0) {
		alert("初始化控件出错：" + ret);
		return ret;
	}
	ret = GDCALogin(i_Com, user_type, userpasswd);
	if (ret != 0) {
		alert("登陆出错：" + ret);
		return ret;
	}
	return ret;
}
function GDCACommonEndKey(i_Com) {
	var ret;
	ret = GDCALogout(i_Com);
	if (ret != 0)
		alert("GDCALogout Error:" + ret);
	ret = GDCAFinalize(i_Com);
	if (ret != 0)
		alert("Finalize Error:" + ret);
	return ret;
}

function GDCAGenCertRequest(i_Com, keyLabel, dn_c, dn_s, dn_l, dn_o, dn_ou,
		i_dn_e, dn_cn1, dn_cn2, dn_cn3, outData) {
	var errorCode, certReq = "";
	if (i_dn_e == "" || i_dn_e == "undefined") {
		certReq = i_Com.GDCA_OpkiGenCertRequest(keyLabel, GDCA_LBL_SIGNKEY, dn_c,
				dn_s, dn_l, dn_o, dn_ou, "", dn_cn1, "", "");
	} else
		certReq = i_Com.GDCA_OpkiGenCertRequest(keyLabel, GDCA_LBL_SIGNKEY, dn_c,
				dn_s, dn_l, dn_o, dn_ou, i_dn_e, dn_cn1, "", "");
	errorCode = i_Com.GetError();
	outData[0] = certReq;
	return errorCode;
}

function GDCABase64Encode(i_Com, inData, outData) {
	var errorCode, Base64Data = "";
	Base64Data = i_Com.GDCA_Base64Encode(inData);
	errorCode = i_Com.GetError();
	outData[0] = Base64Data;
	return errorCode;
}
function GDCABase64Decode(i_Com, inData, outData) {
	var errorCode, Base64Data = "";
	Base64Data = i_Com.GDCA_Base64Decode(inData);
	errorCode = i_Com.GetError();
	outData[0] = Base64Data;
	return errorCode;
}
function GDCAKeyGetCertInfo(i_Com, CertData, outData) {
	var errorCode;
	var InfoValue;
	outData[0] = i_Com
			.GDCA_GetCertificateInfo(CertData, GDCA_GET_CERT_EXTENSIONS);
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCAWriteLabel(i_Com, labelName, lableType, labelMode, labelData) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_WriteLabel(labelName, lableType, labelMode, labelData);
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCAReadLabel(i_Com, labelName, labelType, outData) {
	var outValue = "", errorCode;
	outValue = i_Com.GDCA_ReadLabel(labelName, labelType);
	errorCode = i_Com.GetError();
	outData[0] = outValue;
	return errorCode;
}

function GDCAWriteOperatorLabel(i_Com) {
	var rtn, errorCode;
	var out_data = new Array;
	ret = GDCABase64Encode(i_Com, "1", out_data);
	if (ret != 0) {
		alert("Base64编码出错:" + ret);
		GDCACommonEndKey(i_Com);
		return ret;
	}
	rtn = i_Com.GDCA_WriteLabel(LBL_OPERATORID, GDCA_LBL_EXDATA, GDCA_LBLMODE_RW,
			out_data[0]);
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCAReadOperatorLabel(i_Com, outData) {
	var outValue = "", errorCode;
	outValue = i_Com.GDCA_ReadLabel(LBL_OPERATORID, GDCA_LBL_EXDATA);
	errorCode = i_Com.GetError();
	outData[0] = outValue;
	return errorCode;
}

function GDCADeleteLabel(i_Com, labelName, labelType) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_DeleteLabel(labelName, labelType);
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCAPkcs1Decrypt(i_Com, labelName, labelType, inData, outData) {
	var errorCode, CryptoTxt = "";
	CryptoTxt = i_Com.GDCA_OpkiPkcs1RsaDecrypt(labelName, labelType, inData);
	errorCode = i_Com.GetError();
	outData[0] = CryptoTxt;
	return errorCode;
}
function GDCAOpkiSymmCryptData(i_Com, isEncryption, symmAlgoType, symmKey,
		flag, inData, outData) {
	var base64plain, base64Key;
	var errorCode, CryptedMsg = "";
	if (isEncryption == 1) {
		base64plain = i_Com.GDCA_Base64Encode(inData);
		errorCode = i_Com.GetError();
		if (errorCode != 0) {
			alert("Base64Encode In Data Error:" + errorCode);
			return errorCode;
		}
	} else {
		base64plain = inData;
	}
	if (flag == "false") {
		base64Key = i_Com.GDCA_Base64Encode(symmKey);
		errorCode = i_Com.GetError();
		if (errorCode != 0) {
			alert("Base64Encode symmKey Error" + errorCode);
			return errorCode;
		}
	} else
		base64Key = symmKey;
	CryptedMsg = i_Com.GDCA_OpkiSymmCryptData(isEncryption, symmAlgoType,
			base64Key, base64plain);
	errorCode = i_Com.GetError();
	if (errorCode != 0) {
		alert("OpkiSymmCryptData Error:" + errorCode);
		return errorCode;
	}
	outData[0] = CryptedMsg;
	return errorCode;
}
function GDCAOpkiHash(i_Com, hashAlg, hashData, outData) {
	var base64plain = "";
	var hashedData = "";
	base64plain = i_Com.GDCA_Base64Encode(hashData);
	errorCode = i_Com.GetError();
	if (errorCode != 0) {
		alert("Base64Encode In Data Error" + errorCode);
		return errorCode;
	}
	hashedData = i_Com.GDCA_OpkiHashData(hashAlg, base64plain);
	errorCode = i_Com.GetError();
	if (errorCode != 0) {
		alert("OpkiHashData Error:" + errorCode);
		return errorCode;
	}
	outData[0] = hashedData;
	return errorCode;
}
function GDCAImportKeyPair(i_Com, labelName, labelType, inData) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_ImportRsaKeyPair(labelName, labelType, inData);

	errorCode = i_Com.GetError();
	return errorCode;
}

function GDCAImportKeyPairCA(i_Com, labelName, labelType, inData) {
	var rtn, errorCode;

	rtn = i_Com.GDCA_ImportRsaKeyPairCA(labelName, labelType, inData);
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCAChangePin(i_Com, user_type, oldpin, newpin) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_ChangePin(user_type, oldpin, newpin);
	errorCode = i_Com.GetError();
	return errorCode;
}
function GDCAUnlockDevice(i_Com, unlockPin, newPin) {
	var rtn, errorCode;
	rtn = i_Com.GDCA_UnlockDevice(unlockPin, newPin);
	errorCode = i_Com.GetError();
	if (errorCode != 0) {
		// 尝试用123456去解锁
		// alert("尝试用123456去解锁");
		rtn = i_Com.GDCA_UnlockDevice("123456", newPin);
		errorCode = i_Com.GetError();
	}
	return errorCode;
}
function GDCAKeyWriteFile(i_Com, filename1, inData) {
	var ret;
	ret = i_Com.GDCA_WriteFile(filename1, 0, inData);
	ret = i_Com.GetError();
	if (ret != 0) {
		alert("保存文件失败:" + ret);
		return ret;
	}
	return ret;
}
function GDCACreatSignKey(i_Com, usertype) {
	var rtn, errorCode;
	var outData = new Array;
	if (usertype == "UT03") {
		ret = GDCAGenKeyPair(i_Com, LBL_USERCERT_SIG, GDCA_LBL_SIGNKEY);
		if (ret != 0) {
			alert("产生签名密钥对失败:" + ret);
			return ret;
		}
		ret = GDCAGetPubKey(i_Com, LBL_USERCERT_SIG, GDCA_LBL_SIGNKEY, outData);
		if (ret != 0) {
			alert("取签名公钥失败：" + ret);
			return ret;
		}
		ret = GDCAWriteLabel(i_Com, LBL_USERCERT_TEMP, LBLTYPE_OTHER, MODE_RW,
				outData[0]);
		if (ret != 0) {
			alert("写临时密钥失败：" + ret);
			return ret;
		}
	}
	return ret;
}
function GDCACertDownLoadWrite(i_Com, i_isBack, i_oldUserPin, i_newUserPin,
		i_oldPrvKeyPasswd, i_newPrvKeyPasswd, i_certtype, i_signCert,
		i_signCert_sn, i_encCert, i_encCert_sn, i_encKey, i_encKeyHash, i_symKey,
		i_userid, i_ca_cert, user_name) {
	var ret = 0;
	var out_data = new Array;

	if ((i_isBack != "N") && (i_isBack != "n")) { // 证书更新操作
		if (i_certtype == "CT02") {
			GDCADeleteLabel(i_Com, LBL_USERCERT_ENC, LBLTYPE_CERT);
			GDCADeleteLabel(i_Com, LBL_USERCERT_ENC, LBLTYPE_KEY);
			GDCADeleteLabel(i_Com, LBL_USERCERT_SIG, LBLTYPE_CERT);
			GDCADeleteLabel(i_Com, LBL_USERCERT_SIG_SN, LBLTYPE_OTHER);
			GDCADeleteLabel(i_Com, LBL_USERCERT_ENC_SN, LBLTYPE_OTHER);
		} else if (i_certtype == "CT01") {
			GDCADeleteLabel(i_Com, LBL_USERCERT_SIG, LBLTYPE_CERT);
			GDCADeleteLabel(i_Com, LBL_USERCERT_SIG_SN, LBLTYPE_OTHER);
		}
	}
	var PrivateKeyPlain;
	if (i_certtype != "CT03") {
		if (i_encKey != "") {
			if (i_symKey != "") {
				ret = GDCAPkcs1Decrypt(i_Com, LBL_TEMP, GDCA_LBL_ENCKEY, i_symKey,
						out_data)
				if (ret != 0) {
					alert("用临时加密私钥解密出对称密钥明文出错:" + ret);
					return ret;
				}
				var symKey_encode = out_data[0];
				ret = GDCABase64Decode(i_Com, symKey_encode, out_data);
				if (ret != 0) {
					alert("解码对称密钥失败 ：" + ret);
					return ret;
				}
				var symKey_plain = out_data[0];
				ret = GDCAOpkiSymmCryptData(i_Com, 0, ALGO_3DES, symKey_encode, true,
						i_encKey, out_data)
				if (ret != 0) {
					alert("解密私钥失败！" + ret);
					return ret;
				}
				PrivateKeyPlain = out_data[0];
			} else {
				PrivateKeyPlain = i_encKey;
			}
			var PrivateKeyPlainLen = PrivateKeyPlain.length;
			ret = GDCAOpkiHash(i_Com, ALGO_SHA1, PrivateKeyPlain, out_data);
			if (ret != 0) {
				alert("私钥hash value 失败:" + ret);
				return ret;
			}
			var prv_key_hash = out_data[0];
			if (prv_key_hash != i_encKeyHash) {
				alert("比较私钥hash 失败!");
				return -1;
			}
			ret = GDCAImportKeyPair(i_Com, LBL_USERCERT_ENC, GDCA_LBL_ENCKEY,
					PrivateKeyPlain);
			if (ret != 0) {
				alert("写私钥失败:" + ret);
				return ret;
			}
		}
	}
	if (i_signCert.length == 0 || i_signCert == "") {
		alert("签名证书为空，数据不全，不能正常下载！");
		return -100;
	}
	ret = GDCAWriteLabel(i_Com, LBL_USERCERT_SIG, GDCA_LBL_SIGNCERT,
			GDCA_LBLMODE_RW, i_signCert);
	if (ret != 0) {
		alert("写签名证书失败:" + ret);
		return ret;
	}
	ret = GDCABase64Encode(i_Com, i_signCert_sn, out_data);
	if (ret != 0) {
		alert("Base64编码出错:" + ret);
		return ret;
	}
	ret = GDCAWriteLabel(i_Com, LBL_USERCERT_SIG_SN, GDCA_LBL_EXDATA,
			GDCA_LBLMODE_RW, out_data[0]);
	if (ret != 0) {
		alert("写签名证书序列号失败：" + ret);
		return ret;
	}
	if (i_certtype == "CT02" || i_certtype == "CT03") {
		if (i_encCert.length == 0 || i_encCert == "") {
			alert("加密证书为空，数据不全，不能正常下载！");
			return -101;
		}
		ret = GDCAWriteLabel(i_Com, LBL_USERCERT_ENC, GDCA_LBL_ENCCERT,
				GDCA_LBLMODE_RW, i_encCert);
		if (ret != 0) {
			alert("写加密证书失败:" + ret);
			return ret;
		}
		ret = GDCABase64Encode(i_Com, i_encCert_sn, out_data);
		if (ret != 0) {
			alert("加密证书序列号Base64编码出错:" + ret);
			return ret;
		}
		ret = GDCAWriteLabel(i_Com, LBL_USERCERT_ENC_SN, GDCA_LBL_EXDATA,
				GDCA_LBLMODE_RW, out_data[0]);
		if (ret != 0) {
			alert("写加密证书序列号失败：" + ret);
			return ret;
		}
	}
	if ((i_isBack == "N")) // 证书更新操作
	{
		ret = GDCABase64Decode(i_Com, i_ca_cert, out_data);
		if (ret != 0) {
			alert("解码CA根证书失败 ：" + ret);
			return ret;
		}
		ret = GDCAWriteLabel(i_Com, LBL_CACERT, GDCA_LBL_CACERT, GDCA_LBLMODE_RW,
				out_data[0]);
		if (ret != 0) {
			alert("写CA根证书失败！" + ret);
			return ret;
		}
		ret = GDCAWriteLabel(i_Com, LBL_USERID, GDCA_LBL_EXDATA, GDCA_LBLMODE_RW,
				i_userid);
		if (ret != 0) {
			alert("写用户编号失败：" + ret);
			return ret;
		}
	}
	if (i_certtype == "CT03") {
		if (i_encCert.length == 0 || i_encCert == "") {
			alert("加密证书为空，数据不全，不能正常下载！");
			return -101;
		}
		if (i_encKey == "" || i_encKey.length == 0) {
			alert("加密密钥为空，不能正常下载！");
			return -101;
		}
		if (i_symKey == "" || i_symKey.length == 0) {
			alert("对称密钥为空，不能正常下载！");
			return -101;
		}
		ret = GDCAWriteLabel(i_Com, "SYMMKEY", GDCA_LBL_DATA, GDCA_LBLMODE_RW,
				i_symKey);
		if (ret != 0) {
			alert("写对称密钥失败：" + ret);
			return ret;
		}
		ret = GDCAWriteLabel(i_Com, "ENVPRIV", GDCA_LBL_DATA, GDCA_LBLMODE_RW,
				i_encKey);
		if (ret != 0) {
			alert("写加密私钥失败：" + ret);
			return ret;
		}
		var PfxInfo = i_Com.GDCA_GenPfx(i_encCert, i_symKey, i_encKey, 0);
		ret = i_Com.GetError();
		if (ret != 0) {
			alert("GDCA_GenPfx error:" + ret);
			return ret;
		}
		ret = GDCAWriteLabel(i_Com, "GDCA_PFX", GDCA_LBL_DATA, GDCA_LBLMODE_RW,
				PfxInfo);
		ret = i_Com.GetError();
		if (ret != 0) {
			alert("GDCA_GenPfx error:" + errorCode);
			return ret;
		}
		return ret;
	}
	var CertInfo = new Array;
	ret = GDCAKeyGetCertInfo(i_Com, i_signCert, CertInfo);
	if (ret != 0) {
		alert("GDCAKeyGetCertInfo error:" + errorCode);
		return ret;
	}
	var indx1 = CertInfo[0].indexOf("1.2.86.21.1.1");
	// var indx2 = CertInfo[0].indexOf("1.2.86.21.1.2");
	var indx3 = CertInfo[0].indexOf("1.2.86.21.1.3");
	// alert("CertInfo="+CertInfo[0]);
	var Str1 = CertInfo[0].substr(indx1 + 18, 23);
	var s1 = Str1.substr(2, 1);
	var s2 = Str1.substr(4, 1);
	var s3 = Str1.substr(6, 1);
	var s4 = Str1.substr(8, 1);
	var s5 = Str1.substr(10, 1);
	var s6 = Str1.substr(12, 1);
	var s7 = Str1.substr(14, 1);
	var s8 = Str1.substr(16, 1);
	var s9 = Str1.substr(18, 1);
	var s10 = Str1.substr(20, 1);
	var s11 = Str1.substr(22, 1);
	var TrustidBefStr = s1 + s2 + s3 + s4 + s5 + s6 + s7 + s8 + s9 + s10 + s11;
	// alert("TrustidBefStr="+TrustidBefStr);LBL_TRUSTSTR0

	var Str2 = CertInfo[0].substr(indx3 + 18, 23);
	s1 = Str2.substr(2, 1);
	s2 = Str2.substr(4, 1);
	s3 = Str2.substr(6, 1);
	s4 = Str2.substr(8, 1);
	s5 = Str2.substr(10, 1);
	s6 = Str2.substr(12, 1);
	s7 = Str2.substr(14, 1);
	s8 = Str2.substr(16, 1);
	s9 = Str2.substr(18, 1);
	s10 = Str2.substr(20, 1);
	s11 = Str2.substr(22, 1);

	var TrustidAftStr = s1 + s2 + s3 + s4 + s5 + s6 + s7 + s8 + s9 + s10 + s11;
	// alert("TrustidAftStr="+TrustidAftStr);
	var trustS = TrustidAftStr + TrustidBefStr;
	/*
	 * trustS = trustS+"<sig_sn>"+i_signCert_sn+"</sig_sn>"; trustS = trustS+"<name>"+user_name+"</name>";
	 * trustS = trustS+"<sipid>"+TrustidStr+"</sipid>"; trustS = trustS+"<domain>"+"gd.gov.cn"+"</domain>";
	 * trustS = trustS+"</info>";
	 */
	var B64trustString = new Array;
	ret = GDCABase64Encode(i_Com, trustS, B64trustString);
	if (ret != 0) {
		alert("trustString号Base64编码出错:" + ret);
		return ret;
	}

	ret = GDCAWriteLabel(i_Com, LBL_DISAID0, GDCA_LBL_EXDATA, GDCA_LBLMODE_RW,
			B64trustString[0]);
	if (ret != 0) {
		alert("写信任服务号失败！" + ret);
		return ret;
	}
	ret = GDCAChangePin(i_Com, 2, i_oldUserPin, i_newUserPin);
	if (ret != 0) {
		alert("GDCAChangePin 出错:" + ret);
		return ret;
	}
	return ret;
}

/** *************************************************************************************************************** */
/*******************************************************************************
 * 为得安做的证书下载程序 /
 ******************************************************************************/
function GDCADeanCertDownLoadWrite(i_Com, i_isBack, // 更新标志Y
		i_signCert, i_signCert_sn, i_encCert, i_encCert_sn, i_PrivateKey, // 数字信封
		i_oldPin, i_newPin, i_ca_cert) {
	var ret = 0;
	var out_data = new Array;
	// alert("GDCADeanCertDownLoadWrite Start");
	// alert("i_signCert = " + i_signCert);
	// alert("i_encCert = " + i_encCert);

	if ((i_isBack != "N") && (i_isBack != "n")) { // 证书更新操作

		/*
		 * if(i_certtype=="CT02"){
		 * GDCADeleteLabel(i_Com,LBL_USERCERT_ENC,LBLTYPE_CERT);
		 * GDCADeleteLabel(i_Com,LBL_USERCERT_ENC,LBLTYPE_KEY);
		 * GDCADeleteLabel(i_Com,LBL_USERCERT_SIG,LBLTYPE_CERT);
		 * GDCADeleteLabel(i_Com,LBL_USERCERT_SIG_SN,LBLTYPE_OTHER);
		 * GDCADeleteLabel(i_Com,LBL_USERCERT_ENC_SN,LBLTYPE_OTHER); } else
		 * if(i_certtype=="CT01"){
		 * GDCADeleteLabel(i_Com,LBL_USERCERT_SIG,LBLTYPE_CERT);
		 * GDCADeleteLabel(i_Com,LBL_USERCERT_SIG_SN,LBLTYPE_OTHER); }
		 */

		// 加密序列号
		ret = GDCADeleteLabel(i_Com, LBL_USERCERT_ENC_SN, LBLTYPE_OTHER);
		if (ret != 0) {
			// alert("GDCADeleteLabel LBLTYPE_OTHER失败！"+ret);
			// alert("LBL_USERCERT_ENC_SN = " + LBL_USERCERT_ENC_SN);
			// alert("LBLTYPE_OTHER = " + LBLTYPE_OTHER);
			// return ret;
		}

		// 加密证书
		ret = GDCADeleteLabel(i_Com, LBL_USERCERT_ENC, GDCA_LBL_ENCCERT);
		if (ret != 0) {
			// alert("GDCADeleteLabel LBLTYPE_CERT失败！"+ret);
			// alert("LBL_USERCERT_ENC = " + LBL_USERCERT_ENC);
			// alert("LBLTYPE_CERT = " + LBLTYPE_CERT);
			// return ret;
		}
		// 签名序列号
		ret = GDCADeleteLabel(i_Com, LBL_USERCERT_SIG_SN, LBLTYPE_OTHER);
		if (ret != 0) {
			// alert("GDCADeleteLabel LBLTYPE_OTHER失败！"+ret);
			// alert("LBL_USERCERT_SIG_SN = " + LBL_USERCERT_SIG_SN);
			// alert("LBLTYPE_OTHER = " + LBLTYPE_OTHER);
			// return ret;
		}

		// 签名证书
		ret = GDCADeleteLabel(i_Com, LBL_USERCERT_SIG, GDCA_LBL_SIGNCERT);
		if (ret != 0) {
			// alert("GDCADeleteLabel LBLTYPE_CERT失败！"+ret);
			// alert("LBL_USERCERT_SIG = " + LBL_USERCERT_SIG);
			// alert("LBLTYPE_CERT = " + LBLTYPE_CERT);
			// return ret;
		}

		// 加密私钥
		if (i_PrivateKey.length != 0)// 删除加密私钥的lable
		{
			ret = GDCADeleteLabel(i_Com, LBL_USERCERT_ENC, GDCA_LBL_ENCKEY);
			if (ret != 0) {
				// alert("GDCADeleteLabel LBLTYPE_KEY失败！"+ret);
				// alert("LBL_USERCERT_ENC = " + LBL_USERCERT_ENC);
				// alert("LBLTYPE_KEY = " + LBLTYPE_KEY);
				// return ret;
			}
		}

	}
	// alert("GDCADeanCertDownLoadWrite i_PrivateKey="+i_PrivateKey);
	if (i_PrivateKey.length != 0) {
		// alert("解数字信封");
		ret = GDCAImportKeyPairCA(i_Com, LBL_USERCERT_ENC, GDCA_LBL_ENCKEY,
				i_PrivateKey);
		if (ret != 0) {
			alert("写私钥失败:" + ret);
			return ret;
		}
	}

	if ((i_isBack == "N")) {
		/*
		 * ret = GDCABase64Decode(i_Com,i_ca_cert,out_data); if (ret!=0){
		 * alert("解码CA根证书失败 ："+ret); return ret; }
		 * 
		 * ret =
		 * GDCAWriteLabel(i_Com,LBL_CACERT,GDCA_LBL_CACERT,GDCA_LBLMODE_RW,out_data[0]);
		 */
		ret = GDCAWriteLabel(i_Com, LBL_CACERT, GDCA_LBL_CACERT, GDCA_LBLMODE_RW,
				i_ca_cert);
		if (ret != 0) {
			alert("写CA根证书失败！" + ret);
			return ret;
		}
	}

	if (i_signCert.length != 0) {
		// alert("写签名证书");
		ret = GDCAWriteLabel(i_Com, LBL_USERCERT_SIG, GDCA_LBL_SIGNCERT,
				GDCA_LBLMODE_RW, i_signCert);
		if (ret != 0) {
			alert("写签名证书失败:" + ret);
			return ret;
		}
		// alert("i_signCert_sn " + i_signCert_sn);
		// alert("i_signCert_sn " + out_data);
		ret = GDCABase64Encode(i_Com, i_signCert_sn, out_data);
		if (ret != 0) {
			alert("Base64编码出错:" + ret);
			i_Com.GDCA_Finalize();
			return ret;
		}
		// alert("写签名证书序列号");
		ret = GDCAWriteLabel(i_Com, LBL_USERCERT_SIG_SN, GDCA_LBL_EXDATA,
				GDCA_LBLMODE_RW, out_data[0]);
		if (ret != 0) {
			alert("写签名证书序列号失败：" + ret);
			i_Com.GDCA_Finalize();
			return ret;
		}
		// alert("写签名证书完毕");
	}
	if (i_encCert.length != 0) {
		// alert("写加密证书");
		ret = GDCAWriteLabel(i_Com, LBL_USERCERT_ENC, GDCA_LBL_ENCCERT,
				GDCA_LBLMODE_RW, i_encCert);
		if (ret != 0) {
			alert("写加密证书失败:" + ret);
			i_Com.GDCA_Finalize();
			return ret;
		}
		ret = GDCABase64Encode(i_Com, i_encCert_sn, out_data);
		if (ret != 0) {
			alert("加密证书序列号Base64编码出错:" + ret);
			i_Com.GDCA_Finalize();
			return ret;
		}
		// alert("写加密证书序列号");
		ret = GDCAWriteLabel(i_Com, LBL_USERCERT_ENC_SN, GDCA_LBL_EXDATA,
				GDCA_LBLMODE_RW, out_data[0]);
		if (ret != 0) {
			alert("写加密证书序列号失败：" + ret);
			i_Com.GDCA_Finalize();
			return ret;
		}
		// alert("写加密证书完毕");
	}
	// alert("i_newPin == " +i_newPin);
	ret = GDCAChangePin(i_Com, 2, i_oldPin, i_newPin);
	if (ret != 0) {
		alert("GDCAChangePin 出错:" + ret);
		i_Com.GDCA_Finalize();
		return ret;
	}
	return ret;
}

// ////////为市质监增加的写2K应用的方法。已经不使用了////////////////////////
var FixLenData_Label = "FixLenData_Label";
function GDCAWriteExetraData(i_Com, exetraData, pin) {
	// alert("exetraData = " + exetraData);
	var out_data = new Array;
	// 设置设备类型
	key_type = isSGKey(i_Com);

	ret = GDCASetDevice(i_Com, key_type);
	if (ret != 0) {
		alert("设置设备类型出错：" + ret);
		return ret;
	}
	// alert("初始化控件");
	ret = GDCAInitialize(i_Com);
	if (ret != 0) {
		alert("初始化控件出错：" + ret);
		return ret;
	}
	ret = GDCALogin(i_Com, 2, pin)
	if (ret != 0) {
		alert("KEY的PIN码出错:" + ret);
		pin = prompt("请输入正确的的KEY的PIN码 ：", "");
		ret = GDCALogin(i_Com, 2, pin)
		if (ret != 0)
			return ret;
	}

	ret = GDCABase64Encode(i_Com, exetraData, out_data);
	if (ret != 0) {
		alert("信息Base64编码出错:" + ret);
		return ret;
	}
	// alert("out_data[0] = " + out_data[0].length);
	if (out_data[0].length < 2048)
		var i = 0;

	for (i = out_data[0].length; i < 2048; i++) {
		out_data[0] = out_data[0] + " ";
	}
	// alert("out_data[0] = " + out_data[0].length);
	ret = GDCABase64Encode(i_Com, out_data[0], out_data);
	if (ret != 0) {
		alert("信息Base64编码出错:" + ret);
		return ret;
	}
	ret = GDCAWriteLabel(i_Com, FixLenData_Label, GDCA_LBL_EXDATA,
			GDCA_LBLMODE_RW, out_data[0]);
	if (ret != 0) {
		alert("写信息失败：" + ret);
		return ret;
	}
	ret = GDCAFinalize(i_Com);
	if (ret != 0)
		alert("Finalize Error:" + ret);

}

/** *************************************************************************************************************** */
/*******************************************************************************
 * 为UsbKey多用户初始化做的程序 /
 ******************************************************************************/
function keyInit(i_Com, initValue, supperPin) {
	// 设置设备类型
	key_type = isSGKey(i_Com);

	ret = GDCASetDevice(i_Com, key_type);
	if (ret != 0) {
		alert("设置设备类型出错：" + ret);
		return ret;
	}
	// alert("初始化控件");
	ret = GDCAInitialize(i_Com);
	if (ret != 0) {
		alert("初始化控件出错：" + ret);
		i_Com.GDCA_Finalize();
		return ret;
	}
	/*
	 * var ret = i_Com.GDCA_SetDeviceType(11); var errorCode = i_Com.GetError();
	 * if(errorCode != 0) { alert("GDCA_SetDeviceType:" + errorCode); return; }
	 * 
	 * ret = i_Com.GDCA_Initialize(); errorCode = i_Com.GetError(); if(errorCode !=
	 * 0) { alert("GDCA_Initialize:" + errorCode); return; }
	 */
	// var ret = i_Com.GDCA_FormatApplication(initValue);
	var ret = i_Com.GDCA_FormatApplication(initValue, supperPin);
	errorCode = i_Com.GetError();
	if (errorCode != 0) {
		alert("GDCA_FormatApplication error:" + errorCode);
		i_Com.GDCA_Finalize();
		return errorCode;
	}

	i_Com.GDCA_Finalize();
	return ret;
}

// 市质监督写4K的新方法
function keyInitWrite(i_Com, fileType, fileIndex, fileOffset, fileData, pin,
		loginType) {
	var writeLength = 4096;
	// 设置设备类型
	key_type = isSGKey(i_Com);
	var out_data = new Array;
	ret = GDCASetDevice(i_Com, key_type);
	if (ret != 0) {
		alert("设置设备类型出错：" + ret);
		return ret;
	}
	// alert("初始化控件");
	ret = GDCAInitialize(i_Com);
	if (ret != 0) {
		alert("初始化控件出错：" + ret);
		i_Com.GDCA_Finalize();
		return ret;
	}

	i_Com.GDCA_Login(loginType, pin);

	errorCode = i_Com.GetError();
	if (errorCode != 0) {
		alert("GDCALogin error:" + errorCode);
		i_Com.GDCA_Finalize();
		return errorCode;
	}
	ret = GDCABase64Encode(i_Com, fileData, out_data);
	if (ret != 0) {
		alert("信息Base64编码出错:" + ret);
		i_Com.GDCA_Finalize();
		return ret;
	}
	// alert("out_data[0] = " + out_data[0].length);
	if (out_data[0].length < writeLength)
		var i = 0;

	for (i = out_data[0].length; i < writeLength; i++) {
		out_data[0] = out_data[0] + " ";
	}
	// alert("out_data[0] = " + out_data[0].length);
	ret = GDCABase64Encode(i_Com, out_data[0], out_data);
	if (ret != 0) {
		alert("信息Base64编码出错:" + ret);
		i_Com.GDCA_Finalize();
		return ret;
	}
	keyInitWriteValue = i_Com.GDCA_WriteUsrDataFile(fileType, fileIndex,
			fileOffset, out_data[0]);

	errorCode = i_Com.GetError();
	if (errorCode != 0) {
		alert("GDCA_WriteUsrDataFile error:" + errorCode);
		i_Com.GDCA_Finalize();
		return errorCode;
	}

	i_Com.GDCA_Logout();

	i_Com.GDCA_Finalize();

	return keyInitWriteValue;
}

// 多用户解锁
function MultiuserUnlock(i_Com, sAppID, sSuperPin, sUserPin) {
	var retUnlockPin = i_Com.GDCA_MultiUnlockPin(sAppID, sSuperPin, sUserPin);
	errorCode = i_Com.GetError();
	if (errorCode != 0) {
		alert("Multiuser Unlock error:" + errorCode);
		i_Com.GDCA_Finalize();
		return errorCode;
	}

	i_Com.GDCA_Logout();

	i_Com.GDCA_Finalize();

	return retUnlockPin;
}

// 特殊处理省旧2K数据
function GDCAExtraApp(i_Com, usrpin, fileType, fileIndex, fileOffset, writePin,
		loginType) {
	var FixLenData_Label = "FixLenData_Label";
	var out_data = new Array;
	// 设置设备类型
	key_type = isSGKey(i_Com);
	if (key_type == 0) {
		return -1;
	}
	ret = GDCASetDevice(i_Com, key_type);
	if (ret != 0) {
		alert("设置设备类型出错：" + ret);
		return ret;
	}
	// alert("初始化控件");
	ret = GDCAInitialize(i_Com);
	if (ret != 0) {
		alert("初始化控件出错：" + ret);
		i_Com.GDCA_Finalize();
		return ret;
	}
	var out_data = new Array;
	ret = GDCAReadLabel(i_Com, FixLenData_Label, GDCA_LBL_EXDATA, out_data);
	if (ret != 0) {
		// alert("读旧数据错误或者没有");
		i_Com.GDCA_Finalize();
		return 0;
	}
	// alert("out_data[0].length =" + out_data[0].length);
	if (out_data[0].length < 2048) {
		// alert("原来旧的数据不对或者没有");
		i_Com.GDCA_Finalize();
		return 0;
	} else {
		var isWriteOK = 1;
		i_Com.GDCA_Login(loginType, writePin);
		errorCode = i_Com.GetError();
		if (errorCode != 0) {
			alert("GDCALogin appUser error:" + errorCode);
			i_Com.GDCA_Finalize();
			return errorCode;
		}
		if (out_data[0].length < 4096) {
			ret = GDCABase64Decode(i_Com, out_data[0], out_data);
			if (ret != 0) {
				alert("信息Base64编码出错:" + ret);
				i_Com.GDCA_Finalize();
				return ret;
			}
			var i = 0;
			for (i = out_data[0].length; i < 4096; i++) {
				out_data[0] = out_data[0] + " ";
			}
			// alert("out_data[0] = " + out_data[0].length);
			ret = GDCABase64Encode(i_Com, out_data[0], out_data);
			if (ret != 0) {
				alert("信息Base64编码出错:" + ret);
				i_Com.GDCA_Finalize();
				return ret;
			}
		}
		isWriteOK = i_Com.GDCA_WriteUsrDataFile(fileType, fileIndex, fileOffset,
				out_data[0]);
		errorCode = i_Com.GetError();
		if (errorCode != 0) {
			alert("GDCA_WriteUsrDataFile error:" + errorCode);
			i_Com.GDCA_Finalize();
			return errorCode;
		} else {
			// 删除原来数据,先登陆，再删除
			// alert("usrpin = " + usrpin);
			ret = GDCALogin(i_Com, 2, usrpin);
			if (ret != 0) {
				alert("pin码不对");
				i_Com.GDCA_Logout();
				i_Com.GDCA_Finalize();
				return ret;
			}

			ret = GDCADeleteLabel(i_Com, FixLenData_Label, 3);
			if (ret != 0) {
				alert("FixLenData_Label失败！" + ret);
				i_Com.GDCA_Logout();
				i_Com.GDCA_Finalize();
				return ret;
			}

		}
		i_Com.GDCA_Logout();
		i_Com.GDCA_Finalize();
		return isWriteOK;
	}
}

/** *************************************************************************************************************** */
/*******************************************************************************
 * 为天翼税通做的证书下载程序 /
 ******************************************************************************/
function GDCATystCertDownLoadWrite(
        i_Com,
        i_isBack, // 更新标志Y
		i_signCert, 
		i_signCert_sn, 
		i_encCert, 
		i_encCert_sn, 
		i_PrivateKey, // 数字信封
		i_oldPin, 
		i_newPin, 
		i_ca_cert,
		keyId) 
{
	try {	
	    //alert("开始写KEY函数");	 
	    var out_data = new Array;   
		var ret = 0;
		GDCAFinalize(i_Com);
	    var key_type = isSGKey(i_Com);
	    if(!key_type)
	    {
	    	return 1;
	    }
	    ret=GDCASetDevice(i_Com,key_type);
	    if(ret!=0)
	    {
	       alert("设置设备类型出错："+ret);
	       return ret;
	    }	
	    ret=GDCAInitialize(i_Com);
	    if(ret!=0)
	    {
	        alert("初始化控件出错："+ret);
	        return ret;
	    }
		//alert("登录KEY");
		//登录KEY
	    ret = GDCALogin(i_Com,2,i_oldPin);
	    if(ret!=0)
	    {
	        alert("登陆出错："+ret);
	        return ret;
	    }
	    //alert("登录成功");
	    //登录完毕
		if ((i_isBack != "N") && (i_isBack != "n")) { //证书更新操作
		
			// 首先匹配KEYID
			ret = GDCAReadLabel(i_Com, LBL_DISAID, GDCA_LBL_EXDATA, out_data);
			if (ret != 0) {
				alert("读KeyID出错：" + ret);
				return ret;
			}
			ret = GDCABase64Decode(i_Com, out_data[0], out_data);
			if (ret != 0) {
				alert("解码KeyId出错：" + ret);
				return ret;
			}
			if (keyId != out_data[0]) {
				alert("请插入正确的用户Key");
				return -1999;
			}
			// 匹配完毕。
            
			// 加密序列号
			ret = GDCADeleteLabel(i_Com, LBL_USERCERT_ENC_SN, LBLTYPE_OTHER);
			// 加密证书
			ret = GDCADeleteLabel(i_Com, LBL_USERCERT_ENC, GDCA_LBL_ENCCERT);
			// 签名序列号
			ret = GDCADeleteLabel(i_Com, LBL_USERCERT_SIG_SN, LBLTYPE_OTHER);
			// 签名证书
			ret = GDCADeleteLabel(i_Com, LBL_USERCERT_SIG, GDCA_LBL_SIGNCERT);
			// 加密私钥
			if (i_PrivateKey.length != 0)// 删除加密私钥的lable
			{
				ret = GDCADeleteLabel(i_Com, LBL_USERCERT_ENC, GDCA_LBL_ENCKEY);
			}

		}
		else
		{
			//alert("非更新操作，不需要删除LABLE");
		}
		if (i_PrivateKey.length != 0) {
			 //alert("解数字信封");
			ret = GDCAImportKeyPairCA(i_Com, LBL_USERCERT_ENC, GDCA_LBL_ENCKEY,
					i_PrivateKey);
			if (ret != 0) {
				alert("写私钥失败:" + ret);
				return ret;
			}
			//alert("写私钥成功");
		}

		if ((i_isBack == "N") && i_ca_cert.length!=0) {
			//alert("写CA根证书");
			ret = GDCAWriteLabel(i_Com, LBL_CACERT, GDCA_LBL_CACERT, GDCA_LBLMODE_RW,
					i_ca_cert);
			if (ret != 0) {
				alert("写CA根证书失败！" + ret);
				return ret;
			}
			//alert("写CA根证书成功");
		}
		
		//写keyId
		if ((i_isBack == "N") && keyId.length!=0) {
			//alert("写keyid");
			ret = GDCABase64Encode(i_Com,keyId,out_data);
		    if(ret!=0)
		    {
		         alert("Base64编码出错:"+ret);
		         return ret;
		    }		
		    ret = GDCAWriteLabel(i_Com,LBL_DISAID,GDCA_LBL_EXDATA,GDCA_LBLMODE_RW,out_data[0]);
		    if(ret != 0)
		    {
		       alert("写keyId出错："+ret);
		       return ret;
		    }
			//alert("写keyid成功");
		}

		if (i_signCert.length != 0) {
			//alert("写签名证书");
			ret = GDCAWriteLabel(i_Com, LBL_USERCERT_SIG, GDCA_LBL_SIGNCERT,
					GDCA_LBLMODE_RW, i_signCert);
			if (ret != 0) {
				alert("写签名证书失败:" + ret);
				return ret;
			}
			ret = GDCABase64Encode(i_Com, i_signCert_sn, out_data);
			if (ret != 0) {
				alert("Base64编码出错:" + ret);
				i_Com.GDCA_Finalize();
				return ret;
			}
			 //alert("写签名证书序列号");
			ret = GDCAWriteLabel(i_Com, LBL_USERCERT_SIG_SN, GDCA_LBL_EXDATA,
					GDCA_LBLMODE_RW, out_data[0]);
			if (ret != 0) {
				alert("写签名证书序列号失败：" + ret);
				i_Com.GDCA_Finalize();
				return ret;
			}
			 //alert("写签名证书完毕");
		}
		if (i_encCert.length != 0) {
			 //alert("写加密证书");
			ret = GDCAWriteLabel(i_Com, LBL_USERCERT_ENC, GDCA_LBL_ENCCERT,
					GDCA_LBLMODE_RW, i_encCert);
			if (ret != 0) {
				alert("写加密证书失败:" + ret);
				i_Com.GDCA_Finalize();
				return ret;
			}
			ret = GDCABase64Encode(i_Com, i_encCert_sn, out_data);
			if (ret != 0) {
				alert("加密证书序列号Base64编码出错:" + ret);
				i_Com.GDCA_Finalize();
				return ret;
			}
			// alert("写加密证书序列号");
			ret = GDCAWriteLabel(i_Com, LBL_USERCERT_ENC_SN, GDCA_LBL_EXDATA,
					GDCA_LBLMODE_RW, out_data[0]);
			if (ret != 0) {
				alert("写加密证书序列号失败：" + ret);
				i_Com.GDCA_Finalize();
				return ret;
			}
			 //alert("写加密证书完毕");
		}
		
		//修改密码
		//ret = GDCAChangePin(i_Com, 2, i_oldPin, i_newPin);
		//if (ret != 0) {
			//alert("GDCAChangePin 出错:" + ret);
			//i_Com.GDCA_Finalize();
			//return ret;
		//}
	} catch (e) {
		alert("写KEY函数捕捉到异常");
		alert(e.message);
		return -200;
	} finally {
		GDCAFinalize(i_Com);
	}
	return ret;
}

function GDCAUnlockKey(i_Com, initPassword, newPassword)
{
    try{
	    GDCAFinalize(i_Com);
	    var key_type = isSGKey(i_Com);
	    if(!key_type)
	    {
	    	return 1;
	    }
	    ret=GDCASetDevice(i_Com,key_type);
	    if(ret!=0)
	    {
	       alert("设置设备类型出错："+ret);
	       return ret;
	    }	
	    ret=GDCAInitialize(i_Com);
	    if(ret!=0)
	    {
	        alert("初始化控件出错："+ret);
	        return ret;
	    }
	    ret = GDCAUnlockDevice(i_Com, initPassword, newPassword);
	    if(ret!=0)
	    {
	        alert("解锁失败："+ret);
	        return ret;
	    }
	    return ret;
    }
    catch(e)
    {
    	alert(e.message);
    	return -200;
    }
    finally {
		GDCAFinalize(i_Com);
	}
    return ret;
}